With the IPv4 address exhaustion around the corner you might want to take a look at IPv6.
The lucky ones have an ISP which is already IPv6 ready – I’m not one of the lucky ones … in fact my ISP (bredband2.se) have responded to me that they don’t have any plans for deploying IPv6 to their customers ๐
So – what do I have to do to get my IPv6 fix?
Get an account with a tunnel broker – there’s plenty of them now.
The one I use is SixXS which have been really reliable, and have an active set of admins. If you play nice, they’re really nice people, but if you decide not to play by their rules, you’ll be out really fast. I like this ๐
Once you’ve gotten an account it’s time to get your gateway connected.
Connecting to SixXs
As usual it’s easy to install the required software
apt-get install aiccu
During the install you’ll be prompted for username+password for your SixXs account (you can have a user/pass on each tunnel now).
Once the info have been entered aiccu will set up your new tunnel. If you have registered more tunnels a menu will appear for you to choose from.
Now you should be able to use IPv6 – try a ‘ping6 www.kame.net’. Is there a reply? Congratulations, you’ve godt IPv6.
Connecting your lan
With the router up running with IPv6, it’s time to get the rest of your lan online too.
Go back to SixXs and apply for a subnet (/48). Once one have been assigned to you, get back here and do the final setup of the router.
Enable ipv6 forwarding
To allow the router to forward ipv6, set the sysctl net.ipv6.conf.all.forwarding to 1
Set up /etc/radvd.conf
if radvd isn’t on your system:
apt-get install radvd
radvd is used to give your hosts on the lan ipv6 addresses. Consult the man-page/sample config to learn what things do ๐
interface eth1 { AdvSendAdvert on; MinRtrAdvInterval 3; MaxRtrAdvInterval 10; AdvDefaultPreference low; AdvHomeAgentFlag off; prefix APartOfYourPrefix::/64 { AdvOnLink on; AdvAutonomous on; AdvRouterAddr on; }; RDNSS IPv6AddressOfNameserver { AdvRDNSSPreference 8; AdvRDNSSLifetime 30; }; };
the interface in the config is the internal, where you want to advertise addresses
Remember the firewall!
Remember to set up a firewall. I use ip6tables since it’s part of the kernel.
IPv6 don’t use ARP, but instead icmpv6, so make sure to allow this (or a relevant subset of it).